<?php
session_start();
require_once('../lib.php');

if(verify_page()){
	if( isset($_GET['act']) && $_GET['act'] != ''){
		$act = $_GET['act'];
		switch($act){
			  case "addfriend": 	{
						  if( isset($_GET['val']) && $_GET['val'] != ''){
									$val = $_GET['val']; //print_r ($val);
									echo add_friend($val);
						  }
						  else{ echo '0'; }
						  
						  break;
				}
			  case "newgroup": 	{	
						  if( isset($_GET['val']) && $_GET['val'] != ''){
									$val = $_GET['val']; //print_r ($val);
									echo new_group($val);
						  }
						  else{ echo '0'; }
						  break;
				}
			  case "addmember": 	{	
						  if( isset($_GET['val']) && isset($_GET['pos']) && $_GET['pos'] != ''){
							  if($_GET['val'] != ''){
								  $pos = $_GET['pos'];
								  $val = $_GET['val']; //print_r ($val);
								  echo add_member($pos,$val);
							  }
							  else { echo '2'; }
						  }
						  else{ echo '0'; }
						  break;
				}
			  case "editgroup": 	{	
						  if( isset($_GET['val']) && $_GET['val'] != ''){
								  $val = $_GET['val']; //print_r ($val);
								  echo edit_group($val);
						  }
						  else{ echo '0'; }
						  break;
				}
			  case "deletegroup": 	{	
						  if( isset($_GET['val']) && $_GET['val'] != ''){
								$val= $_GET['val'];
								echo delete_group($val);
						  }
						  else{ echo '0'; }
						  break;
				}
			  default:		{
						  echo 'Function false';
						  break;
				}
		}
	}
}
	
	
function add_friend($val)
{
	include("../connect.php");
	
	$flag = false;
	$array_member = '';
	$command = "SELECT `member`";
	$command .= " FROM `user_groupview`";
	$command .= " WHERE `groupname` = '".name_db_friendlist."' AND `owner` = '".$_SESSION[sess_login]['id']."'";	
	$result = mysql_query($command, $conn);
	if(mysql_num_rows($result)==1){
		$row = mysql_fetch_row($result);
		if($row[0]!=''){
			$array_member = explode(":", $row[0]);
			if(in_array($val,$array_member)){
				return '3';
			} else{
				$flag = true;
			}
		} else {
			$flag = true;
		}
	} else if(mysql_num_rows($result)==0){
		$command6 = "INSERT INTO `user_groupview` (`groupname`, `owner`)";
		$command6 .= "VALUES ( '".name_db_friendlist."' , '".$_SESSION[sess_login]['id']."')";
		$result6 = mysql_query($command6, $conn);
		if($result6){
			$flag = true;
		}
		else {
			return '4';
		}
	}
	
	if($flag){
		$array_member[] = $val;
		sort($array_member);
		$str_member = implode(':',$array_member);
		
		$command1 = "UPDATE `user_groupview` ";
		$command1 .= " SET `member` = '".$str_member."'";
		$command1 .= " WHERE `groupname` = '".name_db_friendlist."' AND `owner` = '".$_SESSION[sess_login]['id']."'";
		$result1 = @mysql_query($command1, $conn);
		//save_log ('Add','db2txt',$id); //Add,Update,Edit,Status,Delete,Check
		if($result1)  {  
			return '1';
		}  
		else  {  
			return '2';
		}
		@mysql_free_result($result1);
	}
	@mysql_free_result($result);
	mysql_close($conn);
}

function new_group($val)
{
	$var_array = read_var ($val);
	
	include("../connect.php");
	
	$command2  = "INSERT INTO `user_groupview` (`groupname`,`owner`)";
	$command2 .= " VALUES ('".$var_array['groupname']."','".$_SESSION[sess_login]['id']."')";
	$result2 = mysql_query($command2, $conn);
	$id = mysql_insert_id();
	//save_log ('Add','imgalbum',$id); //Add,Update,Edit,Status,Delete,Check
	if($result2)  {  
		return '1';
	}  
	else  {  
		return '2';
	}

	mysql_free_result($result2);
	mysql_close($conn);
}


function add_member($pos, $val)
{
	include("../connect.php");
	$member = implode(":", $val);
	
	$command3 = "UPDATE `user_groupview` ";
	$command3 .= " SET `member` = '".$member."'";
	$command3 .= " WHERE `id` = '".$pos."' AND `owner` = '".$_SESSION[sess_login]['id']."'";
	echo $command3;
	$result3 = mysql_query($command3, $conn);
	if($result3){	
		return '1';
	}
	else{
		return '0';
	}
	mysql_free_result($result3);
	mysql_close($conn);
}

function edit_group($val)
{
	$var_array = read_var ($val);
	
	include("../connect.php");
	
	$command4 = "UPDATE `user_groupview` ";
	$command4 .= " SET `groupname` = '".$var_array['group_editname']."'";
	$command4 .= " WHERE `id` = '".$var_array['id_f']."' AND `owner` = '".$_SESSION[sess_login]['id']."'";
	$result4 = mysql_query($command4, $conn);
	$id = mysql_insert_id();
	//save_log ('Add','imgalbum',$id); //Add,Update,Edit,Status,Delete,Check
	if($result4)  {  
		return '1';
	}  
	else  {  
		return '2';
	}

	mysql_free_result($result4);
	mysql_close($conn);
}


function delete_group($val){
	include("../connect.php");
	
	$command5 = "DELETE FROM `user_groupview` ";
	$command5 .= " WHERE `id` = '".$val."' AND `owner` = '".$_SESSION[sess_login]['id']."'";
	$result5 = mysql_query($command5, $conn);
	//save_log ('Add','imgalbum',$id); //Add,Update,Edit,Status,Delete,Check
	if($result5)  {  
		return '1';
	}  
	else  {  
		return '2';
	}

	mysql_free_result($result5);
	mysql_close($conn);
}
?>